<?php

require_once($_SERVER['DOCUMENT_ROOT'].'/includes/site_defaults.php');
require_once($_SERVER['DOCUMENT_ROOT'].'/database/db.php');

// Open a session only when $_SESSION has not been populated yet.
if (isset($_SESSION) === false) {
	session_start();
}

// Account id for this request. It stays at -1 unless a LoginUser() call further
// down assigns something else; the redirect below only fires for a positive id.
$id = -1;

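// Validate the submitted registration form. Every problem found is appended to
// $errors; the account is only created (or a login attempted) further down when
// $errors is still empty after this loop.
$errors = array();

// Human-readable label => name of the POST field that must be present.
$exp_vals = array(
	"First Name" => "First_Name",
	"Last Name" => "Last_Name",
	"Email" => "Email",
	"Password" => "Password",
);

foreach ($exp_vals as $field => $f_id) {
	$field_valid = true;

	// The expected field must arrive in the POST as a plain string. A client can
	// submit Field[]=x to turn the value into an array, which trim() and strlen()
	// do not accept, so anything that is not a string is treated as missing.
	if (!isset($_POST[$f_id]) || !is_string($_POST[$f_id])) {
		$field_valid = false;
		$errors[] = "Field '$field' was undefined.";
	}

	// A value consisting only of whitespace counts as empty.
	if ($field_valid && strlen(trim($_POST[$f_id])) == 0) {
		$field_valid = false;
		$errors[] = "$field requires a value.";
	}

	// Email: at least 6 characters, exactly one "@", and no whitespace, quotes,
	// ";", "," or "%" after it. This is a shape check, not proof of a real mailbox.
	// NOTE(review): the check runs on the trimmed value, but the code after this
	// loop reads the untrimmed $_POST['Email'] - confirm which form should be stored.
	if ($field_valid && $field === "Email") {
		$checkEmail = '/^[^@]+@[^\s\r\n\'";,@%]+$/';
		$email = trim($_POST[$f_id]);
		if (strlen($email) < 6 || !preg_match($checkEmail, $email)) {
			$field_valid = false;
			$errors[] = 'Email is invalid.';
		}
	}

	// Password: the confirmation field must be identical and the password must be
	// at least 6 characters long.
	if ($field_valid && $field === "Password") {
		$confirmation = isset($_POST['Password2']) ? $_POST['Password2'] : null;
		// Strict comparison on purpose: with == two different numeric-looking
		// strings such as "1000000" and "1e6" compare equal, so a mistyped
		// confirmation could be accepted and a password the user did not intend
		// would be stored.
		$field_valid = is_string($confirmation)
			&& $_POST['Password'] === $confirmation
			&& strlen($_POST['Password']) >= 6;
		if (! $field_valid) {
			$errors[] = "Passwords didn't match or were less than 6 characters.";
		}
	}
}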


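// All fields validated: sign the visitor in when the address is already
// registered, otherwise create the account and sign in with the new row id.
if (empty($errors)) {
	// NOTE(security): the password is stored and compared as an unsalted SHA-1
	// digest, which is fast to brute-force once the contacts table leaks.
	// Moving to password_hash()/password_verify() also requires changing
	// LoginUser() and the stored values, neither of which is visible in this
	// file, so the digest format is left as it was.
	$password_digest = sha1($_POST['Password']);

	if (CheckUserExists($_POST['Email'])) {
		// The address is already registered: treat the submission as a login attempt.
		$id = LoginUser("", $_POST['Email'], $password_digest);
		if ($id < 0) {
			// NOTE(security): this message tells the caller that the address has
			// an account - confirm that this disclosure is acceptable for the site.
			$errors[] = "User existed but password was incorrect.";
		}
	} else {
		// NOTE(review): GetSQLValueString() is defined outside this file; the
		// statement is only injection-safe if it escapes and quotes its input -
		// confirm. The mysql_* extension used here was removed in PHP 7.
		$i_stmt = sprintf("INSERT INTO contacts (username, first_name, last_name, password) VALUES (%s, %s, %s, %s)",
			GetSQLValueString($_POST['Email'], "text"),
			GetSQLValueString($_POST['First_Name'], "text"),
			GetSQLValueString($_POST['Last_Name'], "text"),
			"'".$password_digest."'");
		mysql_select_db($db_name, $db);
		$Result1 = mysql_query($i_stmt);
		if ($Result1 === false) {
			// Keep the driver's message in the server log. It can reveal schema
			// details and may repeat submitted values, so it is not shown to the visitor.
			error_log('Account creation failed: '.mysql_error());
			$errors[] = "Your account could not be created. Please try again later.";
		} else {
			// Only sign in when the INSERT succeeded; after a failed query
			// mysql_insert_id() does not refer to a row created by this request.
			$id = LoginUser(mysql_insert_id());
		}
	}
}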

?>

<?php  
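// A positive id means LoginUser() signed the visitor in: send the browser to
// the site home page. The rest of the page is still rendered after this script.
if ($id > 0) {
	$redirect_addr = $site_root.'index.php';
	// json_encode() produces a quoted JavaScript string literal and escapes
	// quotes and "/", so the address cannot end the string or the script
	// element early. The closing tag previously lacked its ">".
	echo '<script type="text/javascript" charset="utf-8">location.replace('.json_encode($redirect_addr).');</script>';
}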
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
	<meta name="robots" content="nofollow, noindex" />
	<title>UnOfficial Green Auto Market Home Page</title>
	<link href="<?php echo $site_root."css/green.css"; ?>" rel="stylesheet" type="text/css" />	
</head>

<body>
	<?php include($header); ?>
	<?php include($navigation); ?>
	<div id="wrapper">
		<div id="contentcontainer">

			<div id="content">
				<div id="contentcontain">
				<?php
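					// Print each collected error on its own line. The text is escaped
					// for HTML so that nothing placed in $errors can be interpreted as
					// markup or script by the browser; the page is served as UTF-8.
					foreach ($errors as $error) {
						echo htmlspecialchars($error, ENT_QUOTES, 'UTF-8')."<br />";
					}
					// Link back to the account form so the visitor can correct the input.
					echo '<a href="edit_account.php">Try Again</a>';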
				?>

				</div><!--End of Content Contain-->    
			</div><!--End of Content-->

		</div><!--End of Content Container-->
	</div><!--End of Wrapper-->
	<?php include($footer); ?>
</body>

</html>
